<< Prev Question Next Question >>

Question 21/72

A company receives a penetration test report summary from a third party. The report summary indicates a proxy has some patches that need to be applied. The proxy is sitting in a rack and is not being
used, as the company has replaced it with a new one. The CVE score of the vulnerability on the proxy is a 9.8. Which of the following best practices should the company follow with this proxy?

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (72q)
Question 1: A recent zero-day vulnerability is being actively exploited,...
Question 2: After a security assessment was done by a third-party consul...
Question 3: Which of the following is described as a method of enforcing...
Question 4: An organization conducted a web application vulnerability as...
Question 5: A security analyst performs various types of vulnerability s...
Question 6: An organization conducted a web application vulnerability as...
Question 7: Which of the following best describes the process of requiri...
Question 8: A software developer has been deploying web applications wit...
Question 9: A technician identifies a vulnerability on a server and appl...
Question 10: The security operations team is required to consolidate seve...
Question 11: The Chief Information Security Officer wants to eliminate an...
Question 12: Which Of the following techniques would be best to provide t...
Question 13: During a cybersecurity incident, one of the web servers at t...
Question 14: A security administrator has been notified by the IT operati...
Question 15: While performing a dynamic analysis of a malicious file, a s...
Question 16: An analyst is evaluating the following vulnerability report:...
Question 17: A security analyst is trying to identify possible network ad...
Question 18: An analyst needs to provide recommendations based on a recen...
Question 19: A SOC analyst recommends adding a layer of defense for all e...
Question 20: During an incident, an analyst needs to acquire evidence for...
Question 21: A company receives a penetration test report summary from a ...
Question 22: Which of the following is the best action to take after the ...
Question 23: Which of the following would help to minimize human engageme...
Question 24: An attacker has just gained access to the syslog server on a...
Question 25: During the log analysis phase, the following suspicious comm...
Question 26: A managed security service provider is having difficulty ret...
Question 27: A security program was able to achieve a 30% improvement in ...
Question 28: A Chief Information Security Officer wants to map all the at...
Question 29: Given the following CVSS string- CVSS:3.0/AV:N/AC:L/PR:N/UI:...
Question 30: During an extended holiday break, a company suffered a secur...
Question 31: An employee is suspected of misusing a company-issued laptop...
Question 32: The Chief Information Security Officer is directing a new pr...
Question 33: Which of the following makes STIX and OpenloC information re...
Question 34: Which of the following best describes the document that defi...
Question 35: A company's user accounts have been compromised. Users are a...
Question 36: A security analyst obtained the following table of results f...
Question 37: A security analyst detects an exploit attempt containing the...
Question 38: A security analyst is performing an investigation involving ...
Question 39: A recent penetration test discovered that several employees ...
Question 40: An analyst finds that an IP address outside of the company n...
Question 41: Which of the following is the best way to begin preparation ...
Question 42: Which of the following describes the best reason for conduct...
Question 43: During a recent site survey. an analyst discovered a rogue w...
Question 44: The Chief Executive Officer (CEO) has notified that a confid...
Question 45: A security analyst is reviewing the findings of the latest v...
Question 46: An analyst is reviewing a vulnerability report for a server ...
Question 47: There are several reports of sensitive information being dis...
Question 48: A security analyst found the following vulnerability on the ...
Question 49: An organization enabled a SIEM rule to send an alert to a se...
Question 50: A security analyst is trying to detect connections to a susp...
Question 51: Which of the following best describes the goal of a tabletop...
Question 52: An analyst views the following log entries: (Exhibit) The or...
Question 53: Which of the following tools would work best to prevent the ...
Question 54: An end-of-life date was announced for a widely used OS. A bu...
Question 55: A vulnerability management team is unable to patch all vulne...
Question 56: Due to reports of unauthorized activity that was occurring o...
Question 57: A security team identified several rogue Wi-Fi access points...
Question 58: An analyst has been asked to validate the potential risk of ...
Question 59: Which of the following would a security analyst most likely ...
Question 60: The security team reviews a web server for XSS and runs the ...
Question 61: Which of the following items should be included in a vulnera...
Question 62: Which of the following is an important aspect that should be...
Question 63: Which of the following best describes the goal of a disaster...
Question 64: A security analyst received a malicious binary file to analy...
Question 65: Which of the following risk management principles is accompl...
Question 66: A security analyst recently used Arachni to perform a vulner...
Question 67: An incident response team finished responding to a significa...
Question 68: An analyst is reviewing a vulnerability report and must make...
Question 69: A SOC manager receives a phone call from an upset customer. ...
Question 70: Which of the following best describes the document that defi...
Question 71: A company that has a geographically diverse workforce and dy...
Question 72: An employee accessed a website that caused a device to becom...